YUI Theater — Douglas Crockford: “Crockford on JavaScript — Part 5: The End of All Things” (94 min.)

By YUI TeamApril 8th, 2010

Douglas Crockford delivers the fifth lecture in his his Crockford on JavaScript lecture series at Yahoo on March 31, 2010.

The final installment of the Crockford on JavaScript lecture series begins like this:

I believe that children are our future. And also, I believe, robots. Children and robots…

He turns quickly to issues of security in the browser:

The worst of all of its security problems is the so called cross site scripting attack, or XSS. It’s not called CSS because that would be confused with the Crappy Style Sheets system that’s in the browser. It really shouldn’t be called cross site scripting either, because there are modes of this attack which have nothing to do with operating across sites. You can have one of these attacks happening within a site. What it really is is a confusion of interest attack. One thing that’s unfortunate is that the security experts who identified and named it got it wrong, and have not corrected it since then, and expect all the web practitioners to be adopting their broken jargon. We’re going to talk a lot about these classes of problems, and how we’re going to fix them.

All of the Crockford on JavaScript videos are now up on YUI Theater:

If the video embed below doesn’t show up correctly in your RSS reader of choice, be sure to click through to watch the high-resolution version of the video on YUI Theater.

Other Recent YUI Theater Videos:

  • Christian Heilmann: YQL and YUI: Building Blocks for Quick Applications — The Yahoo! Developer Network’s international evangelist Christian Heilmann discusses his philosophy for creating fast, powerful, compelling applications using the Yahoo Query Language (YQL) and the Yahoo User Interface Library (YUI).
  • Philippe Le Hégaret: The Next Open Web Platform — Philippe Le Hégaret, who heads the W3C Interaction Domain, discusses HTML5. While the HTML5 specification itself does actually not contain many new features, the new Web platform, often labeled as HTML5, does come with many new features from HTML video to SVG to CSS animations or Web sockets. This talk gives an overview of what’s ahead of us, using concrete demonstrations in latest generation Web browsers.
  • John Resig: Testing, Performance Analysis, and jQuery 1.4 — John Resig of Mozilla, creator of the popular jQuery JavaScript library, reviews options for testing and performance analysis in JavaScript and previews the significant changes coming soon in jQuery 1.4.
  • Luke Smith: Events Evolved — YUI engineer Luke Smith provides a deep introduction to the YUI 3 event system including its support for DOM events, event delegation, synthetic events, and custom events.

Subscribing to YUI Theater:


  1. I still don’t get why Crockford is anti-CSS. The closest thing to an argument against it that I’ve heard from him comes across as “I don’t get it, therefore it is bad” (which has nothing to do with CSS). I don’t know how much CSS Crockford does, so I don’t know if I should expect much more than that. Has he written anything that explains in detail his problems with CSS and / or a proposal for a different method of styling markup (other than JavaScript/DOM, or else I might lose the great amount of respect I have for the man)?

  2. CSS is definitely bad. There are too many resource in this topics on the internet. We need no more proof.

    (I’ve read Michael Bowers’s book. I’m not a CSS naive)

  3. Jeffrey Gilbert said:
    April 9, 2010 at 1:37 pm

    He referenced it in an earlier talk as a bad example of inheritance, but i don’t think he was specifically taking aim at the selector syntax which is quite good for getting around on the dom. but he hates the dom too so that’s likely why since one begets the other.

  4. I guess I would enjoy watching Crockford even more if he would stop abusing language all the time.

    In a previous installment, he states that every type in JavaScript is an object. In this installment, he states that everything is passed by reference. Both of these statements are at best misleading and at worst false (at least if we’re talking in terms of the language itself, and not an implementation). Any standard reference on the language explains this (including his own book, on the first point). And his own examples illustrate this.

    Why bother with technical language if you’re just going to crap on it?

  5. Very interesting talk, thank you

  6. Wait seriously? Is he still in 1999, or do people actually do `window[name] = blah`???

    I dearly hope not…